Insufficient privileges wirh JDBC & somet. with name/pass@db
SuseLinux 5.3 & Oracle 8.0.5:
code-statement in a package (within the package is important!)
cid := DBMS_SQL.OPEN_CURSOR;
DBMS_SQL.PARSE('some statement');
DBMS_SQL.CLOSE_CUSOR(cid);
works alwyas with sqlplus name/pass
works sometimes with sqlplus name/pass@db
works never with JDBC:
Message: #ORA-01031: insufficient privileges ORA-06512: at xyz,
line 1776
What is wrong?
null
Create a new user account called "usr", avoid user account
called "user". connect to system and grant execute on the
package to the new user "usr"..
Ken
OH (guest) wrote:
: Some more test-results:
: It works also never with user/passw@db
: DBMS_SQL.PARSE was called with dbms_sql.v7
: It works every time on NT with Personal Oracle 8
: DBMS_SQL grant as sys/change_on_install:
: grant all on dbms_sql to user;
: What went wrong when i call a granted Package over SQL*NET??
null
Similar Messages
-
Insufficient privileges when creating MV with alter session set current_sch
I am getting Insufficient privileges when creating MV with alter session set current_schema=Application schema name. User running the alter session is DBA user. If run as SYSDBA, MV is created successfully. DB Version is 10.2.0.3
I observed similiar issue with regular View also in 9.2.0.6 also.
Any advice is greatly appreciated.
Thanks,
SivaSounds like your management needs a stern lecture on the concept of change management. <g>
I am not debating what you do. I am questioning the logic, or lack thereof, of doing it that way. My recommendation would be to change your procedure to one that:
A. Is more in line with good change management practices.
B. Works. -
4.0 EA2 - Insufficient Privileges When Creating Object With Proxy
When I have connected by proxying to another user, I receive the following message when trying to create a new object:
The database user has insufficient privileges for the given operation.
Steps to reproduce:
Connect by proxying to another user
Right Click on Views
Select New View
I noticed this under EA1, though, not sure if reported. This worked under 3.2.2Sounds like your management needs a stern lecture on the concept of change management. <g>
I am not debating what you do. I am questioning the logic, or lack thereof, of doing it that way. My recommendation would be to change your procedure to one that:
A. Is more in line with good change management practices.
B. Works. -
ORA-01031: insufficient privileges when connecting by SQL PLUS 8.0 with sys
From client, I use SQL PLUS 8.0 to connect to server: sys/password@MYDB1 as sysdba
The error always raises “ORA-01031: insufficient privileges”
I have done:
- Set: remote_login_passwordfile=exclusive in tnsname.ora file
- Uncomment: SQLNET.AUTHENTICATION_SERVICES in “sqlnet.ora” file
Also on this client:
to use SQL PLUS 8.0 to connect to server: manager/password@MYDB1. To connect normally
to use PLSQL Deverloper (it is the same oracle_home with SQL PLUS 8.0) to connect to database normally with user sys.
To use Enterprise manager console (it is other oracle_home with SQL PLUS 8.0) to connect to database normally with user sys
Please, help me to solve this troubleTHIS IS CONTENT OF SQLNET.ora CLIENT
# copyright (c) 1996 by the Oracle Corporation
# NAME
# sqlnet.ora
# FUNCTION
# Oracle Network Client startup parameter file example
# NOTES
# This file contains examples and instructions for defining all
# Oracle Network Client parameters. It should be possible to read
# this file and setup a Client by uncommenting parameter definitions
# and substituting values. The comments should provide enough
# explanation to enable a reasonable user to manage his TNS connections
# without having to resort to 'real' documentation.
# SECTIONS
# ONames Client
# Namesctl
# Native Naming Adpaters
# MODIFIED
# skanjila 06/06/97 - Correct default for Automatic_IPC
# eminer 05/15/97 - Add the relevant onrsd parameters.
# asriniva 04/23/97 - Merge with version from doc
# ggilchri 03/31/97 - mods
# bvasudev 02/07/97 - Change sqlnet.authentication_services documentation
# bvasudev 11/25/96 - Merge sqlnet.ora transport related parameters
# asriniva 11/12/96 - Revise with new OSS parameters.
# asriniva 11/05/96 - Add ANO parameters.
# - ONames Client ----------------------------------------------------
#names.default_domain = world
#Syntax: domain-name
#Default: NULL
# Indicates the domain from which the client most often requests names. When
# this parameter is set the default domain name (for example, US.ACME), the
# domain name will be automatically appended to any unqualified name in an
# ONAmes request (query, register, deregister, etc). Any name which contains
# an unescaped dot ('.') will not have the default domain appended. Simple
# names may be qualified with a trailing dot (for example 'rootserver.').
#names.initial_retry_timeout = 30
#Syntax: 1-600 seconds
#Default: 15 (OSD)
# Determines how long a client will wait for a response from a Names Server
# before reiterating the request to the next server in the preferred_servers
# list.
#names.max_open_connections = 3
#Syntax: 3-64
#Default: ADDRS in preferred_servers
# Determines how many connections an ONames client may have open at one time.
# Clients will ordinarily keep connections to servers open once they are
# established until the operation (or session in namesctl) is complete. A
# connection will be opened whenever needed, and if the maximum would be
# exceeded the least recently used connection will be closed.
#names.message_pool_start_size = 10
#Syntax: 3-256
#Default: 10
# Determines the initial number of messages allocated in the client's message
# pool. This pool provides the client with pre-allocated messages to be used
# for requests to ONames servers. Messages which are in the pool and unused
# may be reused. If a message is needed and no free messages are available in
# the pool more will be allocated.
#names.preferred_servers = (address_list =
# (address=(protocol=ipc)(key=n23))
# (address=(protocol=tcp)(host=nineva)(port=1383))
# (address=(protocol=tcp)(host=cicada)(port=1575))
#Syntax: ADDR_LIST
#Default: Well-Known (OSD)
# Specifies a list of ONames servers in the client's region; requests will be
# sent to each ADDRESS in the list until a response is recieved, or the list
# (and number of retries) is exhausted.
# Addresses of the following form specify that messages to the ONames server
# should use Oracle Remote Operations (RPC):
# (description =
# (address=(protocol=tcp)(host=nineva)(port=1383))
# (connect_data=(rpc=on))
#names.request_retries = 2
#Syntax: 1-5
#Default: 1
# Specifies the number of times the client should try each server in the list
# of preferred_servers before allowing the operation to fail.
#names.directory_path
#Syntax: <adapter-name>
#Default: TNSNAMES,ONAMES,HOSTNAME
# Sets the (ordered) list of naming adaptors to use in resolving a name.
# The default is as shown for 3.0.2 of sqlnet onwards. The default was
# (TNSNAMES, ONAMES) before that. The value can be presented without
# parentheses if only a single entry is being specified. The parameter is
# recognized from version 2.3.2 of sqlnet onward. Acceptable values include:
# TNSNAMES -- tnsnames.ora lookup
# ONAMES -- Oracle Names
# HOSTNAME -- use the hostname (or an alias of the hostname)
# NIS -- NIS (also known as "yp")
# CDS -- OSF DCE's Cell Directory Service
# NDS -- Novell's Netware Directory Service
# - Client Cache (ONRSD) ---------------------------------------------
names.addresses = (ADDRESS=(PROTOCOL=IPC)(KEY=ONAMES))
Syntax: ADDR
Default: (ADDRESS=(PROTOCOL=IPC)(KEY=ONAMES))
Address on which the client cache listens (is available to clients).
Any valid TNS address is allowed. The default should be used if at
all possible; clients have this entry hardwired as the first line
of their server-list file (sdns.ora). If the address is set to a
non-default value the client's preferred_servers parameter should
be set to include the client-cache address first.
names.authority_required = False
Syntax: T/F
Default: False
Determines whether system querys (for the root etc) require Authoritative
answers.
names.auto_refresh_expire = 259200
Syntax: Number of seconds, 60-1209600
Default: 259200
This is the amount of time (in seconds) the server will cache the addresses
of servers listed in server-list file (sdns.ora). When this time expires the
server will issue another query to the servers in those regions to refresh
the data.
names.auto_refresh_retry = 180
Syntax: Number of seconds, 60-3600
Default: sec. 180
This set how often the server will retry when the auto_refresh query fails.
names.cache_checkpoint_file = cache.ckp
Syntax: filename
Default: $ORACLE_HOME/network/names/ckpcch.ora
Specifies the name of the operating system file to which the Names Server
writes its foreign data cache.
names.cache_checkpoint_interval = 7200
Syntax: Number of seconds, 10-259200
Default: 0 (off)
Indicates the interval at which a Names Server writes a checkpoint of its
data cache to the checkpoint file.
names.default_forwarders=
(FORWARDER_LIST=
(FORWARDER=
(NAME= rootserv1.world)
(ADDRESS=(PROTOCOL=tcp)(PORT=42100)(HOST=roothost))))
Syntax: Name-Value/address_list
Default: NULL
A list (in NV form) of the addresses of other servers which should be used to
forward querys while in default_forwarder (slave) mode. NAME is the global
names for the server to which forwards whould be directed, and ADDRESS is its
address.
names.default_forwarders_only = True
Syntax: T/F
Default: False
When set to true this server will use the servers listed in default_forwarders
to forward all operations which involve data in foreign regions. Otherwise it
will use the servers defined in the server-list file (sdns.ora) in addition
to any defined in the default_forwarders parameter.
names.log_directory = /oracle/network/log
Syntax: directory
Default: $ORACLE_HOME/network/log
Indicates the name of the directory where the log file for Names Server
operational events are written.
names.log_file = names.log
Syntax: filename
Default: names.log
The name of the output file to which Names Server operational events are
written.
names.log_stats_interval = 3600
Syntax: Number of seconds, 10-ub4max
Default: sec. 0 (off)
Specifies the number of seconds between statistical entries in log file.
names.log_unique = False
Syntax: T/F
Default: False
If set to true the server will guarantee that the log file will have a unique
name which will not overwrite any existing files (note that log files are
appended to, so log information will not be lost if log_unique is not true).
names.max_open_connections = 10
Syntax: 3-64
Default: 10
Specifies the number of connections that the Names Server can have open at any
given time. The value is generated as the value 10 or the sum of one
connection for listening, five for clients, plus one for each foreign domain
defined in the local administrative region, whichever is greater. Any
operation which requires the server to open a network connection will use
an already open connection if it is available, or will open a connection
if not. Higher settings will save time and cost network resources; lower
settings save network resources, cost time.
names.max_reforwards = 2
Syntax: 1-15
Default: 2
The maximum number of times the server will attempt to forward a certain
operation.
names.message_pool_start_size = 24
Syntax: 3-256
Default: 10
Determines the initial number of messages allocated in the server's message
pool. This pool provides the server with pre-allocated messages to be used
for incoming or outgoing messages (forwards). Messages which are in the pool
and unused may be reused. If a message is needed and no free messages are
available in the pool more will be allocated.
names.no_modify_requests = False
Syntax: T/F
Default: False
If set to true, the server will refuse any operations which modify the
data in its region (it will still save foreign info in the cache which is
returned from foreign querys).
names.password = 625926683431AA55
Syntax: encrypted string
Default: NULL
If set the server will require that the user provide a password in his
namesctl session (either with sqlnet.ora:namesctl.server_password or 'set
password') in order to do 'sensitive' operations, like stop, restart, reload.
This parameter is generally set in encrypted form, so it can not be set
manually.
names.reset_stats_interval = 3600
Syntax: 10-ub4max
Default: 0 (off)
Specifies the number of seconds during which the statistics collected by the
Names Servers should accumulate. At the frequency specified, they are reset
to zero. The default value of 0 means never reset statistics.
names.trace_directory = /oracle/network/trace
Syntax: directory
Default: $ORACLE_HOME/network/trace
Indicates the name of the directory to which trace files from a Names Server
trace session are written.
names.trace_file = names.trc
Syntax: filename
Default: names.trc
Indicates the name of the output file from a Names Server trace session.
names.trace_func # NA
Syntax: T/F
Default: False
Internal mechanism to control tracing by function name.
names.trace_level = ADMIN
Syntax: T/F
Default: False
Syntax: {OFF,USER,ADMIN,0-16}
Default: OFF (0)
Indicates the level at which the Names Server is to be traced.
Available Values:
0 or OFF - No trace output
4 or USER - User trace information
10 or ADMIN - Administration trace information
16 or SUPPORT - WorldWide Customer Support trace information
names.trace_mask = (200,201,202,203,205,206,207)
Syntax: list of numbers
Default: NULL
Internal mechanism to control trace behavior.
names.trace_unique = True
Syntax: T/F
Default: False
Indicates whether each trace file has a unique name, allowing multiple trace
files to coexist. If the value is set to ON, a process identifier is appended
to the name of each trace file generated.
# - Namesctl ---------------------------------------------------------
#namesctl.trace_directory = /oracle/network/trace
#Syntax: directory
#Default: $ON/trace
# Indicates the name of the directory to which trace files from a namesctl
# trace session are written.
#namesctl.trace_file = namesctl.trc
#Syntax: filename
#Default: namesctl.trc
# Indicates the name of the output file from a namesctl trace session.
#namesctl.trace_func # NA
#Syntax: word list
#Default: NULL
# Internal mechanism to control tracing by function name.
#namesctl.trace_level = ADMIN
#Syntax: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
# Indicates the level at which the namesctl is to be traced.
# Available Values:
# 0 or OFF - No trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - WorldWide Customer Support trace information
#namesctl.trace_mask # NA
#Syntax: number list
#Default: NULL
# Internal mechanism to control trace behavior.
#namesctl.trace_unique = True
#Syntax: T/F
#Default: False
# Indicates whether each trace file has a unique name, allowing multiple trace
# files to coexist. If the value is set to ON, a process identifier is appended
# to the name of each trace file generated.
#namesctl.no_initial_server = False
#Syntax: T/F
#Default: False
# If set to TRUE namesctl will suppress any error messages when namesctl is
# unable to connect to a default names server.
#namesctl.internal_use = True
#Syntax: T/F
#Default: False
# If set to true namesctl will enable a set of internal undocumented commands.
# All internal commands are preceded by an underscore ('_') in order to
# distinguish them as internal. Without going into details, the commands
# enabled are:
# adddata createname deletename
# fullstatus ireplacedata newttlname
# pause remove_data renamename
# replacedata start walk*
# There are also a set of names server variables which may be set when
# namesctl is in internal mode:
# authorityrequired autorefresh*
# cachecheckpoint_interval cachedump
# defaultautorefresh_expire defaultautorefresh_retry
# defaultforwarders_only forwardingdesired
# maxreforwards modifyops_enabled
# nextcache_checkpoint nextcache_flush
# nextstat_log nextstat_reset
# reload request_delay
# restart shutdown
#namesctl.noconfirm = True
#Syntax: T/F
#Default: False
# When set to TRUE namesctl will suppress the confirmation prompt when
# sensitive operations (stop, restart, reload) are requested. This is
# quite helpful when using namesctl scripts.
#namesctl.server_password = mangler
#Syntax: string
#Default: NULL
# Automatically sets the password for the names server in order to perform
# sensitive operations (stop, restart, reload). The password may also be
# set manually during a namesctl session using 'set password'.
#namesctl.internal_encrypt_password = False
#Syntax: T/F
#Default: True
# When set to TRUE namesctl will not encrypt the password when it is sent to
# the names server. This would enable an unencrypted password to be set in
# names.ora:names.server_password
# - Native Naming Adpaters -------------------------------------------
#names.dce.prefix = /.:/subsys/oracle/names
#Syntax: DCE cell name
#Default: /.:/subsys/oracle/names
#Specifies the DCE cell (prefix) to use for name lookup.
#names.nds.name_context = personnel.acme
#Syntax: NDS name
#Default: (OSD?)
# Specifies the default NDS name context in which to look for the name to
# be resolved.
#names.nis.meta_map # NA
# Syntax: filename
# Default: sqlnet.maps
# Specifies the file to be used to map NIS attributes to an NIS mapname.
# Currently unused.
# - Advanced Networking Option Authentication Adapters ----------------
#sqlnet.authentication_services
# Syntax: A single value or a list from {beq, none, all, kerberos5,
# cybersafe, securid, identitx}
# Default: NONE
# Enables one or more authentication services. To enable
# authentication via the Oracle Security Server, use (beq, oss). If
# the Advanced Networking Option has been installed with Kerberos5
# support, using (beq, kerberos5) would enable authentication via
# Kerberos.
sqlnet.authentication_services=(beq, oss)
## Parmeters used with Kerberos adapter.
#sqlnet.kerberos5_cc_name
# Syntax: Any valid pathname.
# Default: /tmp/krb5cc_<uid>
# The Kerberos credential cache pathname.
#sqlnet.kerberos5_cc_name=/tmp/mycc
#sqlnet.kerberos5_clockskew
# Syntax: Any positive integer.
# Default: 300
# The acceptable difference in the number of seconds between when a
# credential was sent and when it was received.
#sqlnet.kerberos5_clockskew=600
#sqlnet.kerberos5_conf
# Syntax: Any valid pathname.
# Default: /krb5/krb.conf
# The Kerberos configuration pathname.
#sqlnet.kerberos5_conf=/tmp/mykrb.conf
#sqlnet.kerberos5_realms
# Syntax: Any valid pathname
# Default: /krb5/krb.realms
# The Kerberos host name to realm translation file.
#sqlnet.kerberos5_realms=/tmp/mykrb.realms
#sqlnet.kerberos5_keytab
# Syntax: Any valid pathname.
# Default: /etc/v5srvtab
# The Kerberos secret key file.
#sqlnet.kerberos5_keytab=/tmp/myv5srvtab
#sqlnet.authentication_kerberos5_service
# Syntax: Any string.
# Default: A default is not provided.
# The Kerberos service name.
#sqlnet.authentication_kerberos5_service=acme
## Parmeters used with CyberSAFE adapter.
#sqlnet.authentication_gssapi_service
# Syntax: A correctly formatted service principal string.
# Default: A default is not provided.
# The CyberSAFE service principal
#sqlnet.authentication_gssapi_service=acme/[email protected]
## Parmeters used with Identix adapter.
#sqlnet.identix_fingerprint_method
# Syntax: Must be oracle.
# Default: A default is not provided.
# The Identix authentication server method
#sqlnet.identix_fingerprint_method=oracle
#sqlnet.identix_fingerprint_database
# Syntax: Any string.
# Default: A default is not provided.
# The Identix authentication server TNS alias
#sqlnet.identix_fingerprint_database=ofm
#sqlnet.identix_fingerprint_database_user
# Syntax: Any string
# Default: A default is not provided.
# The Identix authentication service well known username.
#sqlnet.identix_fingerprint_database_user=ofm_client
#sqlnet.identix_fingerprint_database_password
# Syntax: Any string
# Default: A default is not provided.
# The Identix authentication service well known password.
#sqlnet.identix_fingerprint_database_password=ofm_client
# - Advanced Networking Option Network Security -------------------------
#sqlnet.crypto_checksum_client
#sqlnet.crypto_checksum_server
#sqlnet.encryption_client
#sqlnet.encryption_server
# These four parameters are used to specify whether a service (e.g.
# crypto-checksumming or encryption) should be active:
# Each of the above parameters defaults to ACCEPTED.
# Each of the above parameters can have one of four possible values:
# value meaning
# ACCEPTED The service will be active if the other side of the
# connection specifies "REQUESTED" or REQUIRED" and
# there is a compatible algorithm available on the other
# side; it will be inactive otherwise.
# REJECTED The service must not be active, and the connection
# will fail if the other side specifies "REQUIRED".
# REQUESTED The service will be active if the other side specifies
# "ACCEPTED", "REQUESTED", or "REQUIRED" and there is a
# compatible algorithm available on the other side; it
# will be inactive otherwise.
# REQUIRED The service must be active, and the connection will
# fail if the other side specifies "REJECTED" or if there
# is no compatible algorithm on the other side.
#sqlnet.crypto_checksum_types_client
#sqlnet.crypto_checksum_types_server
#sqlnet.encryption_types_client
#sqlnet.encryption_types_server
# These parameters control which algorithms will be made available for
# each service on each end of a connection:
# The value of each of these parameters can be either a parenthesized
# list of algorithm names separated by commas or a single algorithm
# name.
# Encryption types can be: RC4_40, RC4_56, RC4_128, DES, DES40
# Encryption defaults to all the algorithms.
# Crypto checksum types can be: MD5
# Crypto checksum defaults to MD5.
#sqlnet.crypto_seed ="4fhfguweotcadsfdsafjkdsfqp5f201p45mxskdlfdasf"
#sqlnet.crypto_checksum_server = required
#sqlnet.encryption_server = required
# - Oracle Security Server ---------------------------------------------
#oss.source.my_wallet
# Syntax: A properly formatted NLNV list.
# Default: Platform specific. Unix: $HOME/oracle/oss
# The method for retrieving and storing my identity.
#oss.source.my_wallet
# =(source
# =(method=file)
# (method_data=/dve/asriniva/oss/wallet)
#oss.source.location
# Syntax: A properly formatted NLNV list.
# Default: Oracle method, oracle_security_service/oracle_security_service@oss
# The method for retrieving encrypted private keys.
#oss.source.location
# =(source
# =(method=oracle)
# (method_data=
# (sqlnet_address=andreoss)
# - Sqlnet(v2.x) and Net3.0 Client ------------------------------------------
# In the following descriptions, the term "client program" could mean
# either sqlplus, svrmgrl or any other OCI programs written by users
#trace_level_client = ADMIN
#Possible values: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
#Purpose: Indicates the level at which the client program
# is to be traced.
# Available Values:
# 0 or OFF - No Trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - Worldwide Customer Support trace information
#Supported since: v2.0
#trace_directory_client = /oracle/network/trace
#Possible values: Any valid directory path with write permission
#Default: $ORACLE_HOME/network/trace ($ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the name of the directory to which trace files from
# the client execution are written.
#Supported since: v2.0
#trace_file_client = /oracle/network/trace/cli.trc
#Possible values: Any valid file name
#Default: $ORACLE_HOME/network/trace/cli.trc ($ORACLE_HOME =
# /oracle at customer site)
#Purpose: Indicates the name of the file to which the execution trace
# of the client is written to.
#Supported since: v2.0
#trace_unique_client = ON
#Possible values: {ON, OFF}
#Default: OFF
#Purpose: Used to make each client trace file have a unique name to
# prevent each trace file from being overwritten by successive
# runs of the client program
#Supported since: v2.0
#log_directory_client = /oracle/network/log
#Possible values: Any valid directory pathname
#Default: $ORACLE_HOME/network/log ($ORACLE_HOME = /oracle at customer
# site)
#Purpose: Indicates the name of the directory to which the client log file
# is written to.
#Supported since: v2.0
#log_file_client = /oracle/network/log/sqlnet.log
#Possible values: This is a default value, u cannot change this
#Default: $ORACLE_HOME/network/log/sqlnet.log ($ORACLE_HOME=/oracle in
# customer site)
#Purpose: Indicates the name of the log file from a client program
#Supported since: v2.0
#log_directory_server = /oracle/network/trace
#Possible values: Any valid diretcory path with write permission
#Default: $ORACLE_HOME/network/trace ( $ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the name of the directory to which log files from the
# server are written
#Supported since: v2.0
#trace_directory_server = /oracle/network/trace
#Possible values: Any valid directory path with write permission
#Default: $ORACLE_HOME/network_trace ( $ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the name of the directory to which trace files from
# the server are written
#Supported since: v2.0
#trace_file_server = /orace/network/trace/svr_<pid>.trc
#Possible values: Any valid filename
#Default: $ORACLE_HOME/network/trace/svr_<pid>.trc where <pid? stands for
# the process id of the server on UNIX systems
#Purpose: Indicates the name of the file to which the execution trace of
# the server program is written to.
#Supported since: v2.0
#trace_level_server = ADMIN
#Possible values: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
#Purpose: Indicates the level at which the server program
# is to be traced.
# Available Values:
# 0 or OFF - No Trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - Worldwide Customer Support trace information
#Supported since: v2.0
#use_dedicated_server = ON
#Possible values: {OFF,ON}
#Default: OFF
#Purpose: Forces the listener to spawn a dedicated server process for
# sessions from this client program.
#Supported since: v2.0
#use_cman = TRUE
#Possible values: {TRUE, FALSE}
#Default: FALSE
#Purpose:
#Supported since: v3.0
#tnsping.trace_directory = /oracle/network/trace
#Possible values: Any valid directory pathname
#Default: $ORACLE_HOME/network/trace ($ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the directory to which the execution trace from
# the tnsping program is to be written to.
#Supported since: v2.0
#tnsping.trace_level = ADMIN
#Possible values: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
#Purpose: Indicates the level at which the server program
# is to be traced.
# Available Values:
# 0 or OFF - No Trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - Worldwide Customer Support trace information
#Supported since: v2.0
#sqlnet.expire_time = 10
#Possible values: 0-any valid positive integer! (in minutes)
#Default: 0 minutes
#Recommended value: 10 minutes
#Purpose: Indicates the time interval to send a probe to verify the
# client session is alive (this is used to reclaim watseful
# resources on a dead client)
#Supported since: v2.1
#sqlnet.client_registration = <unique_id>
#Possible values:
#Default: OFF
#Purpose: Sets a unique identifier for the client machine. This
# identifier is then passed to the listener with any connection
# request and will be included in the Audit Trail. The identifier
# can be any alphanumeric string up to 128 characters long.
#Supported since: v2.3.2
#bequeath_detach = YES
#Possible values: {YES,NO}
#Default: NO
#Purpose: Turns off signal handling on UNIX systems. If signal handling
# were not turned off and if client programs written by users make
# use of signal handling they could interfere with Sqlnet/Net3.
#Supported since: v2.3.3
#automatic_ipc = OFF
#Possible values: {ON,OFF}
#Default: OFF
#Purpose: Force a session to use or not to use IPC addresses on the
# client's node.
#Supported since: v2.0
#disable_oob = ON
#Possible values: {ON,OFF}
#Default: OFF
#Purpose: If the underlying transport protocol (TCP, DECnet,...) does
# not support Out-of-band breaks, then disable out-of-band
# breaks
#Supported since: v2.0
# -
My java application is delopyed on neo.ondemand.com and use the hana database on cloud also, we use eclipselink
the jpa persistence configuration:
<property name="eclipselink.target-database" value="com.sap.persistence.platform.database.HDBPlatform"/>
here i do not specify any user or password to access the database, i think hana JDBC somehow hide the user information when java application and hana database both are on the cloud.
for the tables created by JPA itself, access if fine.
now i have created a view via Hana studio, though database tunnel using account dXXXXXXsapdev
i have an JPA entity, and i am trying to access the view from java application, it reports error:
Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.2.v20111125-r10461): org.eclipse.persistence.exceptions.DatabaseException Internal Exception: com.sap.db.jdbc.exceptions.JDBCDriverException: SAP DBTech JDBC: [258]: insufficient privilege:
I do not know which database user is used by JPA to access the view, how can i grant the database rights on the view so that "native java application on cloud" can
access the database schema (or view created though database tunnel )
any comment is welcomed.Hi,
Please post this issue under SAP HANA Cloud Platform space. The platform experts should be able to help with that.
Regards,
Ifat. -
I want to mirror a schema to a existing schema by creating DDL and recreate on the other schema with same name.
I wrote the code below:
create or replace
PROCEDURE SCHEMA_A."MAI__DWHMIRROR"
AS
v_sqlstatement CLOB:='bos';
str varchar2(3999);
BEGIN
select
replace(
replace(replace(
replace(DBMS_METADATA.GET_DDL('TABLE','XXXX','SCHEMA_A'),'(CLOB)',''),';','')
,'SCHEMA_A'
,'SCHEMA_B'
into v_sqlstatement
from dual;
select CAST(v_sqlstatement AS VARCHAR2(3999)) into str from dual;
execute immediate ''||str;
END;
And Executing this block with below code:
set serveroutput on
begin
SCHEMA_A.MAI__DWHMIRROR;
end;
But still getting the following error code:
Error report:
ORA-01031: insufficient privileges
ORA-06512: at "SCHEMA_A.MAI__DWHMIRROR", line 47
ORA-06512: at line 2
01031. 00000 - "insufficient privileges"
*Cause: An attempt was made to change the current username or password
without the appropriate privilege. This error also occurs if
attempting to install a database without the necessary operating
system privileges.
When Trusted Oracle is configure in DBMS MAC, this error may occur
if the user was granted the necessary privilege at a higher label
than the current login.
*Action: Ask the database administrator to perform the operation or grant
the required privileges.
For Trusted Oracle users getting this error although granted the
the appropriate privilege at a higher label, ask the database
administrator to regrant the privilege at the appropriate label.user5199319 wrote:
USER has DBA Role
when all else fails Read The Fine Manual
DBMS_METADATA -
Check database with error "ORA-01031: insufficient privileges"
Dear Gurus,
I ran "Check database" in DB13 but I got error "ORA-01031: insufficient privileges"
BR0280I BRCONNECT time stamp: 2010-03-31 12.37.00
BR0301E SQL error -1031 at location BrDbdiffRead-1, SQL statement:
'PREPARE stmt_5 STATEMENT FROM'
'SELECT OBJNAME FROM "SAPSR3".DBDIFF WHERE DBSYS IN ('ORACLE', ' ') AND OBJTYPE = 'TABL' AND DIFFKIND IN ('02', '61', '99') ORDER BY OBJNAME'
ORA-01031: insufficient privileges
BR0806I End of BRCONNECT processing: cecxekdh.chk 2010-03-31 12.37.00
Note I try to execute sapdba_role.sql (with command "sqlplus /nolog @sapdba_role.sql SR3") as Note 134592 both login 'oradev' and 'devadm' but it seem to do nothing (not found sapdba_role.log)
Please advice.
Best regards,
Choosak B.
Ps.
detailed log of /oracle/DEV/sapcheck/cecxekdh.chk
BR0801I BRCONNECT 7.00 (40)
BR0477I Oracle pfile /oracle/DEV/102_64/dbs/initDEV.ora created from spfile /oracle/DEV/102_64/dbs/spfileDEV.ora
BR0805I Start of BRCONNECT processing: cecxekdh.chk 2010-03-31 12.30.53
BR0484I BRCONNECT log file: /oracle/DEV/sapcheck/cecxekdh.chk
BR0101I Parameters
Name Value
oracle_sid DEV
oracle_home /oracle/DEV/102_64
oracle_profile /oracle/DEV/102_64/dbs/initDEV.ora
sapdata_home /oracle/DEV
sap_profile /oracle/DEV/102_64/dbs/initDEV.sap
system_info devadm/oradev sapdev SunOS 5.10 Generic_142900-03 sun4v
oracle_info DEV 10.2.0.4.0 8192 7465 94896497 sapdev UTF8 UTF8
sap_info 701 SAPSR3 0002LK0003DEV0011N11827599290015Maintenance_ORA
make_info sun_64 OCI_102 Feb 21 2009
command_line brconnect -u / -jid CHECK20100331123000 -c -f check
alert_log /oracle/DEV/saptrace/background/alert_DEV.log
BR0280I BRCONNECT time stamp: 2010-03-31 12.30.56
BR0813I Schema owners found in database DEV:
DBSNMP, DIP, OPS$DEVADM, OPS$ORADEV, OPS$SAPSERVICEDEV, ORACLE_OCM, OUTLN, SAPSR3*, SYS, SYSTEM,
TSMSYS
BR0118I Tablespaces and data files
Tablespace Status File Status Id. Size MaxSize IncrSize BlkSize Device Type Link
PSAPSR3 ONLINE+ /oracle/DEV/sapdata2/sr3_1/sr3.data1 ONLINE+ 4 2411732992 10485760000 20971520 8192 16777219 FILE NOLINK
SYSTEM ONLINE+ /oracle/DEV/sapdata1/system_1/system.data1 SYSTEM+ 1 1017126912 10485760000 20971520 8192 16777219 FILE NOLINK
BR0119I Redo log files
File Status Group Size Device Type Link
/oracle/DEV/origlogA/log_g11m1.dbf INUSE 1 52429312 16777218 FILE NOLINK
/oracle/DEV/mirrlogA/log_g11m2.dbf INUSE 1 52429312 16777218 FILE NOLINK
/oracle/DEV/origlogB/log_g12m1.dbf INUSE 2 52429312 16777218 FILE NOLINK
/oracle/DEV/mirrlogB/log_g12m2.dbf INUSE 2 52429312 16777218 FILE NOLINK
/oracle/DEV/origlogA/log_g13m1.dbf INUSE 3 52429312 16777218 FILE NOLINK
/oracle/DEV/mirrlogA/log_g13m2.dbf INUSE 3 52429312 16777218 FILE NOLINK
/oracle/DEV/origlogB/log_g14m1.dbf INUSE 4 52429312 16777218 FILE NOLINK
/oracle/DEV/mirrlogB/log_g14m2.dbf INUSE 4 52429312 16777218 FILE NOLINK
BR0120I Control files
File Size Device Type Link
/oracle/DEV/origlogA/cntrl/cntrlDEV.dbf 15024128 16777218 FILE NOLINK
/oracle/DEV/origlogB/cntrl/cntrlDEV.dbf 15024128 16777218 FILE NOLINK
/oracle/DEV/sapdata1/cntrl/cntrlDEV.dbf 15024128 16777219 FILE NOLINK
BR0982I Database disk volumes
Directory / Raw disk Device Total[KB] Free[KB] Used[%] MaxNeed[KB] MaxMiss[KB]
/oracle/DEV/102_64 16777218 480700086 404332206 15.89 0 0
/oracle/DEV 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/mirrlogA 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/mirrlogB 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/origlogA 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/origlogB 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/sapdata1 16777219 591212116 404332206 31.61 240019884 0
/oracle/DEV/sapdata2 16777219 591212116 404332206 31.61 240019884 0
/oracle/DEV/sapdata3 16777219 591212116 404332206 31.61 240019884 0
/oracle/DEV/sapdata4 16777219 591212116 404332206 31.61 240019884 0
/oracle/DEV/saparch 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/sapbackup 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/sapcheck 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/sapreorg 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/saptrace 16777218 480700086 404332206 15.89 0 0
/oracle/DEV/oraarch 16777218 480700086 404332206 15.89 0 0
BR0280I BRCONNECT time stamp: 2010-03-31 12.31.29
BR0814I Number of tables in schema of owner SAPSR3: 74582
BR0836I Number of info cube tables found for owner SAPSR3: 49
BR0814I Number of tables/partitions in schema of owner SYS: 625/189
BR0814I Number of tables/partitions in schema of owner SYSTEM: 134/27
BR0280I BRCONNECT time stamp: 2010-03-31 12.32.28
BR0815I Number of indexes in schema of owner SAPSR3: 89159
BR0815I Number of indexes/partitions in schema of owner SYS: 678/199
BR0815I Number of indexes/partitions in schema of owner SYSTEM: 175/32
BR0280I BRCONNECT time stamp: 2010-03-31 12.37.00
BR0816I Number of segments in schema of owner DBSNMP: 25
BR0816I Number of segments in schema of owner OPS$DEVADM: 1
BR0816I Number of segments in schema of owner OUTLN: 9
BR0816I Number of segments/LOBs in schema of owner SAPSR3: 168369/2314
BR0816I Number of segments/LOBs in schema of owner SYS: 1831/87
BR0816I Number of segments/LOBs in schema of owner SYSTEM: 353/22
BR0816I Number of segments in schema of owner TSMSYS: 4
BR0280I BRCONNECT time stamp: 2010-03-31 12.37.00
BR0961I Number of conditions found in DBCHECKORA: 118
BR0983I Tablespace fragmentation
Tablespace Files Tables Indexes Extents Total[KB] Used[%] Free[KB] FreeExt. MaxSize[KB] MaxAlloc[KB] Used[%] Free[KB] Largest[KB]
PSAPSR3 16 74248 88689 209864 54138880 94.51 2970752 240 163840000+ 109701120+ 31.23+ 112671872+ 9246720:7966720:7946240:7905280:7905280+
PSAPSR3701 14 0 0 0 54466560 0.00 54465664 20 143360000+ 88893440+ 0.00+ 143359104+ 9021440:8192000:8192000:8192000:8192000+
PSAPSR3701X 4 310 445 12190 68342784 94.20 3962240 7 68342784 0 94.20 3962240 1298432:1191936:979968:163776:163776
PSAPSR3USR 1 24 25 51 51200 6.50 47872 1 10240000+ 10188800+ 0.03+ 10236672+ 10188800+:47872:0:0:0
PSAPTEMP 1 0 0 0 1433600 0.00 1433600 0 10240000+ 8806400+ 0.00+ 10240000+ 8806400+:0:0:0:0
PSAPUNDO 1 0 0 0 7823360 0.00 7823296 406 10240000+ 2416640+ 0.00+ 10239936+ 2416640+:2041792:1814464:1433536:603072
SYSAUX 1 254 284 2059 307200 93.35 20416 16 10240000+ 9932800+ 2.80+ 9953216+ 9932800+:13248:3072:1024:640
SYSTEM 1 505 569 2926 993280 98.91 10816 2 10240000+ 9246720+ 9.59+ 9257536+ 9246720+:10176:640:0:0
Total: 39 75341 90012 227090 187556864 62.29 70734656 692 426742784 239185920 27.38 309920576 60157952:19463744:18936384:17695616:16864768
BR0280I BRCONNECT time stamp: 2010-03-31 12.37.00
BR0301E SQL error -1031 at location BrDbdiffRead-1, SQL statement:
'PREPARE stmt_5 STATEMENT FROM'
'SELECT OBJNAME FROM "SAPSR3".DBDIFF WHERE DBSYS IN ('ORACLE', ' ') AND OBJTYPE = 'TABL' AND DIFFKIND IN ('02', '61', '99') ORDER BY OBJNAME'
ORA-01031: insufficient privileges
BR0806I End of BRCONNECT processing: cecxekdh.chk 2010-03-31 12.37.00
BR0280I BRCONNECT time stamp: 2010-03-31 12.37.00
BR0804I BRCONNECT terminated with errorsHi,
It solved after change permission of directory that sapdba_role.sql kept to oradev:dba after that it can write sapdba_role.log.
Thank you for your guideline.
Now, I can ran 'Check database' via DB13 without that error.
Best regards,
Choosak B. -
Fail to logon with SYS user: ORA-01031: insufficient privileges
Hello,
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for Linux: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production
OS: CentOS 5.5
I fail to log on with SYS user through PL/SQL Developer. I receive the error: ORA-01031: insufficient privileges. PL/SQL Developer is installed on Windows 7 Professional. Oracle Client Version is 11.2.0.1.0. However I logon successfully with SYSMAN and SYSTEM.
For those who might ask whether I try to connect "as sysdba" when I use SYS user, the answer is YES, I do.
Besides I think the name of the tool (PL/SQL Developer) doesn't matter because I think I'll face the same error with any other tool (but I mentioned it just in case).
On server side I have no issues with SYS user. I can connect through SQLPlus with connect / as sysdba or connect "/as sysdba" faultlessly.
The initialization parameter sec_case_sensitive_logon is set to FALSE
SQL> show parameter sensi
NAME TYPE VALUE
sec_case_sensitive_logon boolean FALSE
I'm using local naming to connect and on client side I've a tnanames.ora file. The sqlnet.ora file looks like this:
SQLNET.AUTHENTICATION_SERVICES= (NTS)
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)I read in this forum (another thread) about using a password file. I created a password file using orapwd this way:
orapwd file=orapwDB11G2 entries=100 ignorecase=y password=a_passwordwhere I replaced "a_password" with the SYS password.
Actually I'm not sure the client is influenced by the password file anyway because I tell it to use local naming.
Any clues?
Thank you very much!Verdi wrote:
Hello, Chinar, AlexeyDev,
ORACLE_SID variable is:
[oracle@localhost bin]$ echo $ORACLE_SID
planetThe directory $ORACLE_HOME/dbs:
[oracle@localhost ~]$ ls -l $ORACLE_HOME/dbs
total 28020
-rw-rw---- 1 oracle oinstall 1544 Apr 10 12:43 hc_DBUA0.dat
-rw-rw---- 1 oracle oinstall 1544 Apr 27 18:02 hc_planet.dat
-rw-r--r-- 1 oracle oinstall 2851 May 15 2009 init.ora
-rw-r--r-- 1 oracle oinstall 2966 Apr 26 16:33 initplanet.ora
-rw-r----- 1 oracle oinstall 24 Apr 1 18:22 lkPLANET
-rw-r----- 1 oracle oinstall 9519104 Apr 27 18:43 ora_control1
-rw-r----- 1 oracle oinstall 9519104 Apr 27 18:43 ora_control2
drwx------ 2 oracle oinstall 4096 Apr 10 12:43 peshm_DBUA0_0
drwx------ 2 oracle oinstall 4096 Apr 1 18:19 peshm_planet_0
-rw-r----- 1 oracle oinstall 9519104 Apr 8 11:25 snapcf_planet.f
-rw-r----- 1 oracle oinstall 2560 Apr 27 18:41 spfileplanet.oraThe value of the parameter remote_login_passwordfile is:
*.remote_login_passwordfile='EXCLUSIVE'
I start up the instance using the spfile.As a side observation, it appears you have two control files also in this directory. That is risky, and goes against the intent of having multiplexed the control file. Ideally they would be on separate disk devices - including separate controllers, but at the very least they should be in directories that are separate all the way back to the root directory. If you can't protect against hardware failure, at least protect against human failure. -
Resolving problem with ORA-01031: insufficient privileges
hello i just to write a few word about my installation of oracle database 9i
My installation is on a Red Hat AS3
I have a problem with the error :ORA-01031: insufficient privileges
The one who read this know what about i tell.
The authorization is only for the user which Group is DBA as you can read everywhere.
but me when i tried groupadd dba => it tells group already exist.
but i can't find the group dba in the file /etc/group.
So i tried to make my user 'oracle' works with the 'already group exist' dba .
useradd -g dba oracle
but when i tried to start the database i create i have the message. : ORA-01031: insufficient privileges
i tried to add manualy the group dba to /etc/group (as i can read in websites)
and add a user manualy (/etc/passwd).
But does works.
I try all i can during 1 days long.
I was really upset because nothing that i read work.
finaly I go to the RedHat Menu (things i don't really do normaly on LINUX) and go to 'SYSTEM SETTINGS' and choose 'User and Group'
Here i can see my user 'Oracle' I get the property of the user .
there is a tab group ( 'select the group that the user will be member of:')
None of them where name DBA so i decidied to select all of them and tried.
MAGIC!!! then it works!!!
ps: after when i see the list of the group I saw that one of them is named 'SYS' . I really think that it is the one group i had to select. but don't know.
Now It is working for me so... And good luck for you. bye.Errors
ORA-01031 "insufficient privileges"
Symptoms
During database upgrade phase using DBUA , it fails with error
ORA-1031 Insufficient privileges
Connection from sqlplus also fails with same error
$ sqlplus /nolog
SQLPLUS "conn / as sysdba"
ORA-1031 Insufficient privileges
Changing the REMOTE_LOGIN_PASSWORDFILE to SHARED / NONE does not make differen
Cause
ORACLE_HOME owner oramigts is part of OS group "dba" ,but config.s shows group "g680"
The 'OSDBA' and 'OSOPER' groups are chosen at installation time and usually both default to the group 'dba'.
These groups are compiled into the 'oracle' executable and so are the same for all databases running from a given ORACLE_HOME directory.
The actual groups being used for OSDBA and OSOPER can be checked thus:
cd $ORACLE_HOME/rdbms/lib
cat config.[cs]
Solution
To implement the solution, please execute the following steps:
1. Checked the ORACLE_HOME owner.
echo $ORACLE_HOME
/h02/app/oracle/product/9.2.0_64
cd / h02/app/oracle/product/
ls -l
drwxr-xr-x 58 oramigts dba 1024 Jan 2 2004 9.2.0_64
2.ORACLE_HOME software owner "oramigts" is part of group "dba"
3.Checked file $ORACLE_HOME/rdbms/lib/config.s
[If your platform has config.c:
Due to the way different compilers under different architectures generate
assembler code, it's not possible to give a universal rule.]
It shows dba group as "g680" where software owner is part of "dba" group
You can more find detail on config.s / config.c in the following doc.
Note 50507.1 SYSDBA and SYSOPER Privileges in Oracle
4. Modified the config.s for correct group.
.ascii "g680\0"
to
.ascii "dba\0"
7. mv config.o config.o.bak
8. make -f ins_rdbms.mk config.o ioracle
9. Checked the file config.o is created at $ORACLE_HOME/rdbms/lib
10. Connected / as sysdba thru Sqlplus from 9.2 Home, which connected sucessfully. -
Backups fail with Insufficient privileges error
Oracle 9.2.0.5 database
Solaris Operating Sysstem
I needed to recreate one database recently from the backup. I used DUPLICATE TARGET DATABASE comamand to recreate database. And once client confirmed I removed old database and copied this new database to original location and recreated controlfile.
But the tape backups are failing ever since then.
Is it because of password file problems ? This is a a totally new database and also DBID is different . But database name is same and created from backups of old database.
Backups fail with this error.
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
ORA-01031: insufficient privileges
But the RMANUSER has the same privileges as in other databases on this server.
SQL> select username,sysdba,sysoper from v$pwfile_users;
USERNAME SYSDB SYSOP
SYS TRUE TRUE
RMANUSER TRUE FALSE
SQL> select privilege from dba_sys_privs where grantee='RMANUSER';
PRIVILEGE
CREATE SESSION
UNLIMITED TABLESPACE
How to resolve this issue ?I actually recreated the password file using orapwd utility. But when checked the V$PWFILE_USERS it showed no users. Not even SYS
And I tired to grant SYSDBA to RMANUSER. It failed with the following error.
ERROR at line 1:
ORA-01999: password file mode has changed from 'exclusive' to 'shared'
But the show parameter REMOTE showed that remote_login_passwordfile is still EXCLUSIVE. And database uses an INIT file, not SPFILE.
I had to move back the copy of Old password file and now it shows two users (SYS and RMANUSER) again. -
SAP DBTech JDBC: [258]: insufficient privilege: Not authorized
I am using SAP HANA Cloud Trial; I created Analytic View based on two table dimension table and fact table, I can display content from both tables, but I can not display data preview from my Analytic View, getting authorization message;SAP DBTech JDBC: [258]: insufficient privilege: Not authorized.
Hi,
Please post this issue under SAP HANA Cloud Platform space. The platform experts should be able to help with that.
Regards,
Ifat. -
Dear All,
We are getting the below error when we tried to call procedure ART_PROC using the SYSTEM user in SAP HANA Studio,
Could not execute 'call "TESTECC"."ART_PROC"'
SAP DBTech JDBC: [258]: insufficient privilege: Not authorized
Kindly provide your suggestions on the same.
Thanks
Arun RHello Arun,
Firstly it is **not** recommended to use SYSTEM for anything other than management tasks.
My Assumptions
* the procedure ART_PROC was not created by the SYSTEM user
Solution : you need to give EXECUTE privileges on the procedure to SYSTEM
How: Only the user who created the procedure or who has been give grant privilege can give the EXECUTE privilege. SYSTEM cannot give itself this privilege
For the Grant command check out sec 1.8.6.17 of the http://help.sap.com/hana/SAP_HANA_SQL_Script_Reference_en.pdf
OR
in the HANA Studio
in the System tab expand the system with the log in user as the owner/grantor of the privilege
here you will see a node called Security.
Right-click and choose 'Find User/Role'
Type System in the search dialog that opens - double click on SYSTEM user displayed below
System user opens up - Navigate to Object Privileges tab
here using the green '+' button search for ART_PROC and then on the right side tick the 'Execute' checkbox
click on save.
Warm regards
aadi -
ASA - logging via radius with group name passed.
Hi,
I'm trying to setup ASA5520 with Radius to authenticate users with group
privileges.
Useing Radius with ASA to authenticate users is quite simple. When I try
to pass from asa tunnel-group name (with group-policy and attributes
attached) there is a problem that ASA dosn't pass any group name to
radius.
Is there any way to overcome it?
What I want to do is to apply different policies to username depending
with what tunnel-group name he logs in to webvpn. I assume one user may
be member of different groups.
br
MarcinIt's possible.
Differentiate your privileges and restrictions based off of group-policy, not the tunnel-group. Keep your default WebVPN tunnel-group, and do not specify a default group policy for this tunnel-group.
Create separate group-policies that differentiate what links different groups of users should be presented with. If you're using ACS, link your Cisco Secure Groups to groups in Active Directory (or other method of directory services). The Cisco Secure Groups should then be configured to pass specific RADIUS attributes, such as the "Class" attribute #25. ACS will then tell the ASA to place the user (from Active Directory) into a specific group-policy, which you can then limit URL's shown with the url-list command.
Long winded, I know...any questions, please ask. -
ITunes 7.4.2 Run Error with Vista (insufficient privileges)
Short and sweet. Windows Vista. McAfee Security. User Profile is coded as Adminsistrator and previous iTunes version was working fine.
Loaded 7.4.2 and install registered complete. First time to open the store..rec'd error: "The Installer has insufficient privileges to modify this file: C;\Program Files\iTunes\About iTunes.rtf." Now..when I click on the actual file, I get "You don't have permission to open file". Yes..I went into the security tab to open the file to all users, and when I clicked the icon again, it showed another file, and another...so on. I certainly do not want to manually edit every single file and when I try to uninstall, I don't have permission to erase the files. Anybody with an idea what I am going through and have a fix?Hello, first of all thank you veyr much polydorus the driver resolved the itunes error
But I still having problems with most of my movie files I keep getting the error: Error -2202: a bad public atom was found in the movie
And strangest is on my brothers ipod the files work, and they did work before on my old ipod (30gb) to now I bought a new one (160gb) and I cant copy any files to it, also if I convert my offical files again I keep getting this error.
is there anyone that knows what is wrong maybe? -
8.1.6 install fails with Error 1321 Installer has insufficient privileges -
Adobe Reader “Check for Updates” identifies “Adobe Reader 8.1.6 (CPSID_49167)” as “Available”.
Installation fails with “Error 1321.The Installer has insufficient privileges to modify the file C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search.api.”
Reboot tries to complete install adding unwanted desktop icon, but CPSID_49167 still shows as “Available” and MSI29706>LOG(s) show above error.
XP SP3 Home, IE7, Adobe Reader 8.1.5Thanx kashifMohd,
Downloaded the fix, vetted it, and before creating a new Administrator account used the following recipe with success:
1. Ran downloaded fix with usual Admin Account and got the “Error 1321 for Search.api.” as before, but now there is a pop-up asking "Retry" or "Cancel" that did not appear when using "Get Updates" function from running Adobe Reader. Replied "Cancel".
2. Rebooted, and disabled Kaspersky Anti-Virus.
3. Again ran downloaded fix with usual Admin Account and got Error 1321 for different file: "C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins3d\3difr.x3d" with pop-up asking "Retry" or "Cancel".
4. Clicked "Retry" this time and installation completed successfully.
Thanx again.
Maybe you are looking for
-
Refreshing DEV from TEST in R12
Hi all, I'm planning to Refresh a Development instance from a Test instance. Both the source and Target are within the same server. I'm following the Note: 406982.1- Cloning Oracle Applications Release 12 with Rapid Clone. Here, I'm refering to Secti
-
Deploy a JSP file onto the Portal Server ?
Hello All, I have a jsp file with me. Now I just want to deploy it on to the Portal server. Should I create a JSP Dynpage ? I've the complete jsp file . Shud i need to do anything to convert it into a jsp dynpage ? Can anyone tell me the procedure of
-
Customer specific field table T77OMATTR
Hi guys. SRM 4.0, server 5.0. I have added an attribute to use in the PPOMA. My attribute is for the tax jurisdiction code, besides this extra attribute I have added a customer specific field to the SC. But which function modules should I use to fill
-
Hello ! We use clocking machine for recording employee clock-in/out . All the data is stored in a 'flat' file which is supposed to be uploaded into SAP. When tried to open and read the flat file using OPEN DATASET and READ DATASET commands,
-
Error 6 when i try to download 3 0day version
can anyone help me with this????? <PRE>Exit Code: 6 Please see specific errors below for troubleshooting. For example, ERROR: -------------------------------------- Summary -------------------------------------- - 0 fatal error(s), 2 error(s) ------